Download Madleňák Radovan BASIC ASPECTS OF SPAM

Doprava a spoje –elektronický časopis Fakulty prevádzky a ekonomiky
dopravy a spojov Žilinskej univerzity v Žiline, ISSN 1336-7676
BASIC ASPECTS OF SPAM
Radovan Madleňák1
What is a spam
Although a definition of “spam” (or "UBE" -- Unsolicited Bulk E-mail), is useful, there
does not appear to be a widely agreed and workable definition at present. A comprehensive
definition might need to incorporate a diverse set of elements related to commercial
behaviour, recipient psychology, the broader legal context, economic considerations, and
technical issues. To complicate the matter further, the word “spam” itself is not directly
related to the topic. Finally, of course, the spam phenomenon is perceived in different ways in
different countries. Nonetheless, a number of countries have adopted general working
definitions. From these definitions and other discussions of spam, a number of characteristics
of spam can be identified [6].
In France, the Commission Nationale de l’Informatique et des Libertés refers to
“spamming” or “spam” as the practice of sending unsolicited e-mails, in large numbers, and
in some cases repeatedly, to individuals with whom the sender has no previous contact, and
whose e-mail address was harvested improperly.
According to a EC report, “Unsolicited Commercial Communications and Data
Protection”, “Spam is generally understood to mean the repeated mass mailing of unsolicited
commercial messages by a sender who disguises or forges his identity.” Thus, while it has in
common with other forms of commercial communication the fact that it is unsolicited, it
differs from them by its massive, repetitive and unfair nature. In short, all spam is by
definition unsolicited commercial communication but not all unsolicited commercial
communication is spam.”
Australia’s “Final Report of the National Office for the Information Economy - Review
of the Spam Problem and How It Can Be Countered” states that spam is “the term now
generally used to refer to unsolicited electronic messages, usually transmitted to a large
number of recipients.” They usually, but not necessarily, have a commercial focus, promoting
or selling products or services; and they share one or more of the following characteristics:
1
Ing. Radovan Madleňák, PhD., Katedra spojov, Fakulta prevádzky a ekonomiky dopravy a spojov, Žilinská univerzita
v Žiline, Univerzitná 1, 010 26 Žilina, Slovenská republika
e-mail: [email protected]
1
Doprava a spoje –elektronický časopis Fakulty prevádzky a ekonomiky
dopravy a spojov Žilinskej univerzity v Žiline, ISSN 1336-7676
•
They are sent in an untargeted and indiscriminate manner, often by automated
means.
•
They include or promote illegal or offensive content.
•
Their purpose is fraudulent or otherwise deceptive.
•
They collect or use personal information
•
They are sent in a manner that disguises the originator.
•
They do not offer a valid and functional address to which recipients may send
messages opting out of receiving further unsolicited messages.”
Extrapolating from the definition above and elsewhere, the following characteristics can
be associated with spam:
•
Electronic messages: spam messages are sent electronically. While e-mail is by
far the most significant channel for spam, other delivery channels include short
message services (SMS) or SM-Caster (messenger spam).
•
Bulk: spam messages are typically sent in bulk, but can be sent in smaller parcels
via “free” e-mail accounts.
•
Unsolicited: spam is sent without the recipient’s request or consent. Determining
whether a message is unsolicited may be difficult where there is a pre-existing
relationship between the sender and the recipient.
•
Commercial: typically spam has a commercial purpose: the promotion or sale of a
product or service. However, some non-commercial messages may also be
considered spam, for example unsolicited bulk messages with a political theme or
that contain a virus.
•
Uses addresses collected or sold without the owner’s consent: Spammers often
use e-mail addresses that have been collected without the owner’s explicit consent.
For example, many spammers use address lists electronically harvested from
public sources, such as Web pages or newsgroups .
•
Unwanted: spam is usually considered to be unwanted or useless by its recipients.
•
Untargeted or indiscriminate: typically spam is sent in an indiscriminate manner,
without any knowledge about the recipient other than the e-mail address.
2
Doprava a spoje –elektronický časopis Fakulty prevádzky a ekonomiky
dopravy a spojov Žilinskej univerzity v Žiline, ISSN 1336-7676
•
Repetitive: many spam messages are repetitive, either exact duplicates of prior
messages (or containing very slight variations).
•
Contain illegal or offensive content: spam is frequently a vehicle for fraudulent
or deceptive content. Other spam includes adult or offensive content, which may
be illegal in some countries.
•
Unstoppable: spam recipients are typically unable to stop the reception of the
messages. This is because unsubscribe links typically do not work.
•
Anonymous or disguised: spam messages are often sent in a manner that
disguises the originator by using a false address or header information. Spammers
frequently use unauthorized third-party e-mail servers [6].
The spam’s characteristics described above may be classified as either primary or
secondary. The primary characteristics include unsolicited electronic commercial messages,
sent in bulk. Many would consider a message containing these primary characteristics to be
spam. The remaining characteristics identified above may be described as secondary
characteristics which are frequently associated with spam, but not perhaps as necessary.
The content of spam messages ranges enormously, from advertisements for goods and
services to pornographic material, to information on illegal copies of software. To illustrate
the different range of spam messages, Figure 1 shows a measure of the distribution of spam
category data for year 2006.
Leisure
Internet 6%
Spiritual
4%
Other
3%
Products
25%
7%
Health
7%
Scams
9%
Financial
20%
Adult
19%
Figure 1. Spam category data
3
Doprava a spoje –elektronický časopis Fakulty prevádzky a ekonomiky
dopravy a spojov Žilinskej univerzity v Žiline, ISSN 1336-7676
Technique of SPAM
A spammer can obtain your e-mail addresses from the following sources:
• Customers or prospective customers who supply their e-mail address to the
spammer themselves.
• Third parties who obtained the addresses directly from the individuals and sell them
to the spammer.
• Public spaces such as Web pages, directories or newsgroups on which the spammers
harvest the addresses using spamware.
• Third parties who used spamware to harvest individuals’ addresses from public
spaces and sell them to the spammer.
• In some cases there are also formulas (automated guesses related to first or last
name) used against a specified domain [3].
Among these sources, the third and fourth methods are the most common. Only the first
method might result in a recipient being aware that their e-mail address was being used for
spam. To obtain e-mail addresses, spamware tools automatically navigate Web sites and
public spaces such as Usenet or chat rooms, using a list of URLs either specified in advance,
created by means of keywords entered into search engines or recursively grabbed from Web
pages in a search-engine fashion. They then collect all the e-mail addresses found on those
spaces. They also distribute e-mail to lists created to circumvent filters put in place by the
ISPs [2].
Some spamware programs use other techniques to gather e-mail addresses. One is the
random e-mail address generator. A bulk e-mailer floods a particular domain name by using a
program that generates millions of possible Web addresses, such as [email protected], [email protected],
and so on. This “brute force attack” attempts to send e-mails to every possible combination of
letters that could form an e-mail address. The more elegant “dictionary attack” builds address
lists through computer-generated alphabetic permutations combined with address suffixes or
creates addresses by using common surnames and first initials (i.e. names are taken
sequentially, for example [email protected], [email protected], [email protected], [email protected], etc.).
Major ISPs and corporate networks which handle a large volume of e-mail traffic on
their servers everyday are highly vulnerable to the dictionary attack, because spammers often
conduct the attacks undetected, hidden in normal traffic. Spammers sometimes use software
4
Doprava a spoje –elektronický časopis Fakulty prevádzky a ekonomiky
dopravy a spojov Žilinskej univerzity v Žiline, ISSN 1336-7676
which opens connections to the other mail servers and automatically submits millions of
random addresses, such as “[email protected]”, “[email protected]”, recording which addresses
succeed. These are then added automatically to the spammer’s list. Spammers mainly target
ISPs, but spammers also spam enterprises so as to reach the corporate inboxes of millions of
e-mail users. Though the purpose of such attacks is not to alter the service of the attacked
machines, its effect on ISPs or enterprises is similar to a denial of service (DoS) attack,
wherein legitimate use of the ISP’s services is denied by massive illegitimate traffic [4].
Some spammers gather lists of working e-mail addresses not for spamming, but for
resale in bulk to other spammers worldwide. In fact, a fair number of spammers are not
interested in selling goods and services. Instead, they make money selling e-mail addresses to
other spammers.
Who is the spammer?
Identifying spammers is difficult. A number of methods are used by spammers to hide
their identities. Source addresses are randomized so that they are not easily identified.
Spamware programs automatically generate false headers and return address information.
False headers allow spammers to ignore recipient requests to be removed from e-mail lists
and to obscure their identities by making themselves untraceable. Other spammers scan the
Internet for open relays in foreign countries for their messages not to be traced.
Some spammers open free e-mail accounts and abandon them before they’re caught.
Spammers also write programs that load in multiple accounts so when one account is
terminated, another automatically kicks in. Quite a few spammers simply move on to another
ISP when their accounts are terminated for spamming with another ISP. However, others
pretend to their ISP providers to be small ISPs themselves, claiming that the spam is coming
from non-existent customers. Spammers can send out hundreds of thousands of messages,
each with customised content and source addresses, and then quickly log out. “Spoofing”
addresses is also used by spammers. This involves using false information as to the name of
the sender. This can be either false information or in some cases using names of other
commercial entities that are not involved with the spam operation.
According to Spamhaus, which operates a Register of Known Spam Operations, 80% of
spam received by Internet users in North America and Europe can be traced via aliases and
addresses, redirects, hosting locations of sites and domains, to a hard-core group of around
200 known spam operations. These spam operations consist of an estimated 500-600
5
Doprava a spoje –elektronický časopis Fakulty prevádzky a ekonomiky
dopravy a spojov Žilinskej univerzity v Žiline, ISSN 1336-7676
professional spammers with ever-changing aliases and domains. These professional, chronic
spammers are loosely grouped into gangs (“spam gangs”) and move from network to network
seeking out ISPs known for not enforcing anti-spam policies [5].
Conclusion
Consumer trust is a key for the next growth and success of e-commerce. In order for the
Internet to maintain and increase commercial growth, users must have confidence in the
security and usability of this electronic medium [1]. The significant increase of spam
threatens to erode consumer confidence online, which in turn has a negative effect on the
growth of the digital economy. The intrusiveness of spam and the fact that much spam is also
linked to fraudulent or deceptive or commercial activities has harmed the development of
e-commerce by reducing consumer trust and diminishing the credibility of e-mail marketing.
References:
[1] ČOREJOVÁ, T.: K problematike cenových modelov v elektronických komunikačných
službách. In: marketing a obchod 2004. Rok európskej integrácie. Zborník z
medzinárodnej vedeckej konferencie, Zvolen 2004, ISBN 80-89100-20-1
[2] KREMEŇOVÁ, I., ROSTÁŠOVÁ, M.: Marketing v službách: Marketingový informačný
systém, 1. vyd. - V Žiline : Žilinská univerzita, 2005. - 110 s., AH 6,95, VH 7,28 : obr.,
tab. - ISBN 80-8070-358-2.
[3] MADLEŇÁK, R.: Analýza foriem internetovej reklamy - e-mailová reklama In: Pošta,
Telekomunikácie a Elektronický obchod, ISSN 1336-8281. - Roč. 1, č. 3 (2006), s. 28-33.
[4] VACULÍK, J.: Internet marketing - advantages and disadvantages In: "Postal Telecommunication" : Szczecin - Swinoujscie, 27-28.11.2003. - Szczecin: Fundacja na
rzecz Uniwersytetu Szczecińskiego, 2003. - ISBN 83-89142-22-8. - S. 43-46.
[5] http://www.spamhouse.org
[6] http://www.oecd.org
Lektoroval:
Doc. Ing. Juraj Vaculík, PhD., Žilinská Univerzita, Žilina
Zadané na uverejnenie: 31. októbra 2006
Grant support:
1/1265/04 VEGA MŠ SR a SAV - Výskum sieťových procesov v rámci odvetvových
zoskupení firiem SR
1/2591/05 VEGA MŠ SR a SAV - Vplyv výberu efektívnej stratégie na udržiavanie
konkurencie schopnosti podniku v rámci liberalizácie poštových trhov
6